Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/5SNCG70WUu3bVRTc1E_UTdK87HM.roa
File: 5SNCG70WUu3bVRTc1E_UTdK87HM.roa (raw, json)
Hash identifier: cK5FKdBT36dKzN7mYtSROZYTmwJKXuEjjaJGvwK/id4=
Subject key identifier: E5:23:42:1B:BD:16:52:ED:DB:55:14:DC:D4:4F:D4:4D:D2:BC:EC:73
Certificate issuer: /CN=14e282cf616284b58f85ec43e54c90bf9594e49c
Certificate serial: 018CC80117E7B9AB01C9A7096A21116723B6
Authority key identifier: 14:E2:82:CF:61:62:84:B5:8F:85:EC:43:E5:4C:90:BF:95:94:E4:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FOKCz2FihLWPhexD5UyQv5WU5Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/5SNCG70WUu3bVRTc1E_UTdK87HM.roa
Signing time: Tue 02 Jan 2024 02:29:23 +0000
ROA not before: Tue 02 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21396
IP address blocks: 141.0.208.0/20 maxlen: 24
80.249.96.0/20 maxlen: 24
5.182.220.0/22 maxlen: 24
5.182.220.0/24 maxlen: 24
2a02:68::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/FOKCz2FihLWPhexD5UyQv5WU5Jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/FOKCz2FihLWPhexD5UyQv5WU5Jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FOKCz2FihLWPhexD5UyQv5WU5Jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 13:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:17:e7:b9:ab:01:c9:a7:09:6a:21:11:67:23:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14e282cf616284b58f85ec43e54c90bf9594e49c
Validity
Not Before: Jan 2 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e523421bbd1652eddb5514dcd44fd44dd2bcec73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:30:77:ee:d3:5a:61:08:c3:5b:d4:11:68:17:
45:81:4c:8d:ca:b4:5f:83:8e:61:97:64:60:3d:50:
41:14:96:21:62:9b:f3:aa:94:6d:28:88:ae:fe:b4:
fd:86:9d:e1:f7:aa:0f:d6:c2:47:c6:4f:8a:1b:30:
30:95:fc:a2:0e:13:b9:8b:f3:7b:aa:8e:67:a5:72:
81:be:36:7e:5f:9a:e8:67:ca:44:08:0f:90:37:97:
c1:9d:43:00:13:30:cd:d7:1e:42:c7:fb:35:02:8a:
46:7e:c9:0b:60:70:43:e0:d9:5e:0f:91:15:11:26:
b9:57:62:43:35:19:b5:c9:9c:e6:4f:69:c8:ba:9b:
7f:ef:17:a6:37:7c:a1:bc:1d:9c:ed:6d:49:2b:23:
25:64:fd:7f:64:e8:d0:29:c7:30:88:b8:5f:de:54:
0f:03:9d:b6:45:86:ad:37:af:9f:25:3e:77:78:12:
cf:09:85:ef:7d:19:ab:85:ff:e7:ed:6f:fc:42:c0:
01:d0:c5:7a:cc:6d:b0:90:59:fe:4d:3c:13:ef:27:
3c:bc:3f:00:c8:12:08:70:ca:cb:46:39:8e:22:7a:
f2:ad:8f:c0:28:26:38:23:cd:be:a7:56:1c:70:ef:
99:56:a9:c3:82:98:af:62:e6:60:39:d1:28:44:57:
e7:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:23:42:1B:BD:16:52:ED:DB:55:14:DC:D4:4F:D4:4D:D2:BC:EC:73
X509v3 Authority Key Identifier:
keyid:14:E2:82:CF:61:62:84:B5:8F:85:EC:43:E5:4C:90:BF:95:94:E4:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FOKCz2FihLWPhexD5UyQv5WU5Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/5SNCG70WUu3bVRTc1E_UTdK87HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/FOKCz2FihLWPhexD5UyQv5WU5Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.220.0/22
80.249.96.0/20
141.0.208.0/20
IPv6:
2a02:68::/29
Signature Algorithm: sha256WithRSAEncryption
30:c5:a4:82:51:6b:71:ed:bf:1c:69:46:2a:50:6f:fe:08:16:
25:8c:4e:70:b8:65:9c:30:15:71:b3:f2:5f:f1:b9:6e:72:db:
e1:50:3f:ff:e6:73:a7:02:4f:b9:eb:c2:d5:f0:89:24:e4:06:
a7:f9:0b:ad:17:3c:00:0e:e5:4a:ce:3d:b1:bd:6c:5a:63:53:
67:4d:43:75:c2:10:98:43:0f:d6:6f:b8:c5:16:be:06:d2:e5:
68:b0:b1:dd:f3:ef:a8:30:53:27:a3:c5:f3:93:42:51:64:7a:
50:9c:09:87:64:7e:20:06:29:bd:f2:c6:d3:b5:0e:17:a0:4c:
25:dd:ae:85:1a:74:87:25:74:6d:db:0e:4f:b0:e0:e5:4e:54:
41:85:a2:b5:f4:14:e2:7a:94:41:cb:a2:66:de:55:d8:94:6d:
39:fc:e3:c4:54:9e:92:75:d8:c9:09:e8:cb:20:ed:ee:dc:62:
9b:92:d3:0f:b6:1a:2a:47:08:da:12:1f:e6:4e:21:c3:6a:fe:
d5:ef:75:6b:2f:23:b7:1f:c7:20:8a:a7:dc:41:a6:8b:c1:c9:
c8:e2:f3:16:34:36:a2:f9:bf:c4:7a:3a:fe:3c:e2:aa:49:7d:
cf:19:31:9d:47:2a:18:7f:d0:c0:6c:8d:ca:ff:98:69:0f:42:
86:bf:4b:9d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIARfnuasByacJaiERZyO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZTI4MmNmNjE2Mjg0YjU4Zjg1ZWM0M2U1NGM5MGJmOTU5
NGU0OWMwHhcNMjQwMTAyMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTIzNDIxYmJkMTY1MmVkZGI1NTE0ZGNkNDRmZDQ0ZGQyYmNlYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTB37tNaYQjDW9QRaBdFgUyNyrRf
g45hl2RgPVBBFJYhYpvzqpRtKIiu/rT9hp3h96oP1sJHxk+KGzAwlfyiDhO5i/N7
qo5npXKBvjZ+X5roZ8pECA+QN5fBnUMAEzDN1x5Cx/s1AopGfskLYHBD4NleD5EV
ESa5V2JDNRm1yZzmT2nIupt/7xemN3yhvB2c7W1JKyMlZP1/ZOjQKccwiLhf3lQP
A522RYatN6+fJT53eBLPCYXvfRmrhf/n7W/8QsAB0MV6zG2wkFn+TTwT7yc8vD8A
yBIIcMrLRjmOInryrY/AKCY4I82+p1YccO+ZVqnDgpivYuZgOdEoRFfnnwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOUjQhu9FlLt21UU3NRP1E3SvOxzMB8GA1UdIwQY
MBaAFBTigs9hYoS1j4XsQ+VMkL+VlOScMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk9LQ3oyRmloTFdQaGV4RDVVeVF2NVdVNUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jOGQ4YWQtY2Q3Mi00MTliLTk3M2Yt
NTYwOTRmZDZjYzZjLzEvNVNOQ0c3MFdVdTNiVlJUYzFFX1VUZEs4N0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jOGQ4YWQtY2Q3Mi00MTliLTk3M2YtNTYwOTRmZDZjYzZj
LzEvRk9LQ3oyRmloTFdQaGV4RDVVeVF2NVdVNUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBbbcAwQE
UPlgAwQEjQDQMA0EAgACMAcDBQMqAgBoMA0GCSqGSIb3DQEBCwUAA4IBAQAwxaSC
UWtx7b8caUYqUG/+CBYljE5wuGWcMBVxs/Jf8bluctvhUD//5nOnAk+568LV8Ikk
5Aan+QutFzwADuVKzj2xvWxaY1NnTUN1whCYQw/Wb7jFFr4G0uVosLHd8++oMFMn
o8Xzk0JRZHpQnAmHZH4gBim98sbTtQ4XoEwl3a6FGnSHJXRt2w5PsODlTlRBhaK1
9BTiepRBy6Jm3lXYlG05/OPEVJ6SddjJCejLIO3u3GKbktMPthoqRwjaEh/mTiHD
av7V73VrLyO3H8cgiqfcQaaLwcnI4vMWNDai+b/Eejr+POKqSX3PGTGdRyoYf9DA
bI3K/5hpD0KGv0ud
-----END CERTIFICATE-----
Generated at Wed May 22 19:53:24 2024 by rpki-client on console-fra.rpki-client.org